Home

CVE-2018-15587

Description

GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid signature from the entity to be impersonated as an attachment.

Risk Information

Base Score
6.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS Score
Exploitation Probability
0.925

Associated Vulnerability

VulnerabilityOS Platform
Evolution suite data server (USN-3998-1) libcamel-1.2-54_3.18.5-1ubuntu1.2_i386.debLinux
Evolution suite data server (USN-3998-1) libcamel-1.2-54_3.18.5-1ubuntu1.2_amd64.debLinux
Evolution suite data server (USN-3998-1) libcamel-1.2-61_3.28.5-0ubuntu0.18.04.2_i386.debLinux
Evolution suite data server (USN-3998-1) libcamel-1.2-61_3.28.5-0ubuntu0.18.04.2_amd64.debLinux
Evolution suite data server (USN-3998-1) libebackend-1.2-10_3.18.5-1ubuntu1.2_i386.debLinux
Evolution suite data server (USN-3998-1) libebackend-1.2-10_3.18.5-1ubuntu1.2_amd64.debLinux
Evolution suite data server (USN-3998-1) libebackend-1.2-10_3.28.5-0ubuntu0.18.04.2_i386.debLinux
Evolution suite data server (USN-3998-1) libebackend-1.2-10_3.28.5-0ubuntu0.18.04.2_amd64.debLinux
Evolution suite data server (USN-3998-1) evolution-data-server_3.18.5-1ubuntu1.2_i386.debLinux
Evolution suite data server (USN-3998-1) evolution-data-server_3.18.5-1ubuntu1.2_amd64.debLinux
Evolution suite data server (USN-3998-1) evolution-data-server_3.28.5-0ubuntu0.18.04.2_i386.debLinux
Evolution suite data server (USN-3998-1) evolution-data-server_3.28.5-0ubuntu0.18.04.2_amd64.debLinux
Evolution suite data server (USN-3998-1) libedataserver-1.2-21_3.18.5-1ubuntu1.2_i386.debLinux
Evolution suite data server (USN-3998-1) libedataserver-1.2-21_3.18.5-1ubuntu1.2_amd64.debLinux
Evolution suite data server (USN-3998-1) libedataserver-1.2-23_3.28.5-0ubuntu0.18.04.2_i386.debLinux
Evolution suite data server (USN-3998-1) libedataserver-1.2-23_3.28.5-0ubuntu0.18.04.2_amd64.debLinux
Evolution suite data server (USN-3998-1) evolution-data-server-common_3.18.5-1ubuntu1.2_all.debLinux
Evolution suite data server (USN-3998-1) evolution-data-server-common_3.28.5-0ubuntu0.18.04.2_all.debLinux
evolution security update(DSA-4457-1) evolution_3.22.6-1+deb9u2_i386.debLinux
evolution security update(DSA-4457-1) evolution_3.22.6-1+deb9u2_amd64.debLinux
SUSE-SU-2019:1391-1(SUSE Linux Enterprise Desktop 12-SP4 ) evolution-3.22.6-19.9.1.x86_64.rpmLinux
SUSE-SU-2019:1391-1(SUSE Linux Enterprise Desktop 12-SP4 ) evolution-debuginfo-3.22.6-19.9.1.x86_64.rpmLinux
SUSE-SU-2019:1391-1(SUSE Linux Enterprise Desktop 12-SP4 ) evolution-debugsource-3.22.6-19.9.1.x86_64.rpmLinux
SUSE-SU-2019:1391-1(SUSE Linux Enterprise Desktop 12-SP4 ) evolution-lang-3.22.6-19.9.1.noarch.rpmLinux
(RHSA-2020:1080) evolution security and bug fix update atk-2.28.1-2.el7.i686.rpmLinux
(RHSA-2020:1080) evolution security and bug fix update atk-2.28.1-2.el7.x86_64.rpmLinux
(RHSA-2020:1080) evolution security and bug fix update atk-devel-2.28.1-2.el7.i686.rpmLinux
(RHSA-2020:1080) evolution security and bug fix update atk-devel-2.28.1-2.el7.x86_64.rpmLinux
(RHSA-2020:1080) evolution security and bug fix update evolution-3.28.5-8.el7.i686.rpmLinux
(RHSA-2020:1080) evolution security and bug fix update evolution-3.28.5-8.el7.x86_64.rpmLinux
(RHSA-2020:1080) evolution security and bug fix update evolution-bogofilter-3.28.5-8.el7.x86_64.rpmLinux
(RHSA-2020:1080) evolution security and bug fix update evolution-data-server-3.28.5-4.el7.i686.rpmLinux
(RHSA-2020:1080) evolution security and bug fix update evolution-data-server-3.28.5-4.el7.x86_64.rpmLinux
(RHSA-2020:1080) evolution security and bug fix update evolution-data-server-devel-3.28.5-4.el7.i686.rpmLinux
(RHSA-2020:1080) evolution security and bug fix update evolution-data-server-devel-3.28.5-4.el7.x86_64.rpmLinux
(RHSA-2020:1080) evolution security and bug fix update evolution-data-server-doc-3.28.5-4.el7.noarch.rpmLinux
(RHSA-2020:1080) evolution security and bug fix update evolution-data-server-langpacks-3.28.5-4.el7.noarch.rpmLinux
(RHSA-2020:1080) evolution security and bug fix update evolution-data-server-perl-3.28.5-4.el7.x86_64.rpmLinux
(RHSA-2020:1080) evolution security and bug fix update evolution-data-server-tests-3.28.5-4.el7.i686.rpmLinux
(RHSA-2020:1080) evolution security and bug fix update evolution-data-server-tests-3.28.5-4.el7.x86_64.rpmLinux
(RHSA-2020:1080) evolution security and bug fix update evolution-devel-3.28.5-8.el7.i686.rpmLinux
(RHSA-2020:1080) evolution security and bug fix update evolution-devel-3.28.5-8.el7.x86_64.rpmLinux
(RHSA-2020:1080) evolution security and bug fix update evolution-devel-docs-3.28.5-8.el7.noarch.rpmLinux
(RHSA-2020:1080) evolution security and bug fix update evolution-ews-3.28.5-5.el7.i686.rpmLinux
(RHSA-2020:1080) evolution security and bug fix update evolution-ews-3.28.5-5.el7.x86_64.rpmLinux
(RHSA-2020:1080) evolution security and bug fix update evolution-ews-langpacks-3.28.5-5.el7.noarch.rpmLinux
(RHSA-2020:1080) evolution security and bug fix update evolution-help-3.28.5-8.el7.noarch.rpmLinux
(RHSA-2020:1080) evolution security and bug fix update evolution-langpacks-3.28.5-8.el7.noarch.rpmLinux
(RHSA-2020:1080) evolution security and bug fix update evolution-pst-3.28.5-8.el7.x86_64.rpmLinux
(RHSA-2020:1080) evolution security and bug fix update evolution-spamassassin-3.28.5-8.el7.x86_64.rpmLinux
(RHSA-2020:1600) evolution security and bug fix update evolution-3.28.5-12.el8.x86_64.rpmLinux
(RHSA-2020:1600) evolution security and bug fix update evolution-bogofilter-3.28.5-12.el8.x86_64.rpmLinux
(RHSA-2020:1600) evolution security and bug fix update evolution-data-server-3.28.5-13.el8.i686.rpmLinux
(RHSA-2020:1600) evolution security and bug fix update evolution-data-server-3.28.5-13.el8.x86_64.rpmLinux
(RHSA-2020:1600) evolution security and bug fix update evolution-data-server-debugsource-3.28.5-13.el8.i686.rpmLinux
(RHSA-2020:1600) evolution security and bug fix update evolution-data-server-debugsource-3.28.5-13.el8.x86_64.rpmLinux
(RHSA-2020:1600) evolution security and bug fix update evolution-data-server-devel-3.28.5-13.el8.i686.rpmLinux
(RHSA-2020:1600) evolution security and bug fix update evolution-data-server-devel-3.28.5-13.el8.x86_64.rpmLinux
(RHSA-2020:1600) evolution security and bug fix update evolution-data-server-langpacks-3.28.5-13.el8.noarch.rpmLinux
(RHSA-2020:1600) evolution security and bug fix update evolution-debugsource-3.28.5-12.el8.x86_64.rpmLinux
(RHSA-2020:1600) evolution security and bug fix update evolution-ews-3.28.5-9.el8.x86_64.rpmLinux
(RHSA-2020:1600) evolution security and bug fix update evolution-ews-debugsource-3.28.5-9.el8.x86_64.rpmLinux
(RHSA-2020:1600) evolution security and bug fix update evolution-ews-langpacks-3.28.5-9.el8.noarch.rpmLinux
(RHSA-2020:1600) evolution security and bug fix update evolution-help-3.28.5-12.el8.noarch.rpmLinux
(RHSA-2020:1600) evolution security and bug fix update evolution-langpacks-3.28.5-12.el8.noarch.rpmLinux
(RHSA-2020:1600) evolution security and bug fix update evolution-pst-3.28.5-12.el8.x86_64.rpmLinux
(RHSA-2020:1600) evolution security and bug fix update evolution-spamassassin-3.28.5-12.el8.x86_64.rpmLinux
(CESA-2020:1080) evolution security and bug fix update atk-2.28.1-2.el7.i686.rpmLinux
(CESA-2020:1080) evolution security and bug fix update atk-2.28.1-2.el7.x86_64.rpmLinux
(CESA-2020:1080) evolution security and bug fix update atk-devel-2.28.1-2.el7.i686.rpmLinux
(CESA-2020:1080) evolution security and bug fix update atk-devel-2.28.1-2.el7.x86_64.rpmLinux
(CESA-2020:1600) evolution security and bug fix update evolution-3.28.5-12.el8.x86_64.rpmLinux
(CESA-2020:1600) evolution security and bug fix update evolution-bogofilter-3.28.5-12.el8.x86_64.rpmLinux
(CESA-2020:1600) evolution security and bug fix update evolution-data-server-3.28.5-13.el8.i686.rpmLinux
(CESA-2020:1600) evolution security and bug fix update evolution-data-server-3.28.5-13.el8.x86_64.rpmLinux
(CESA-2020:1600) evolution security and bug fix update evolution-data-server-devel-3.28.5-13.el8.i686.rpmLinux
(CESA-2020:1600) evolution security and bug fix update evolution-data-server-devel-3.28.5-13.el8.x86_64.rpmLinux
(CESA-2020:1600) evolution security and bug fix update evolution-data-server-langpacks-3.28.5-13.el8.noarch.rpmLinux
(CESA-2020:1600) evolution security and bug fix update evolution-ews-3.28.5-9.el8.x86_64.rpmLinux
(CESA-2020:1600) evolution security and bug fix update evolution-ews-langpacks-3.28.5-9.el8.noarch.rpmLinux
(CESA-2020:1600) evolution security and bug fix update evolution-help-3.28.5-12.el8.noarch.rpmLinux
(CESA-2020:1600) evolution security and bug fix update evolution-langpacks-3.28.5-12.el8.noarch.rpmLinux
(CESA-2020:1600) evolution security and bug fix update evolution-pst-3.28.5-12.el8.x86_64.rpmLinux
(CESA-2020:1600) evolution security and bug fix update evolution-spamassassin-3.28.5-12.el8.x86_64.rpmLinux
(RHSA-2020:1080)Moderate: security and bug fix update atk-debuginfo-2.28.1-2.el7.i686.rpmLinux
(RHSA-2020:1080)Moderate: security and bug fix update atk-debuginfo-2.28.1-2.el7.x86_64.rpmLinux
(RHSA-2020:1080)Moderate: security and bug fix update evolution-data-server-debuginfo-3.28.5-4.el7.i686.rpmLinux
(RHSA-2020:1080)Moderate: security and bug fix update evolution-data-server-debuginfo-3.28.5-4.el7.x86_64.rpmLinux
(RHSA-2020:1080)Moderate: security and bug fix update evolution-debuginfo-3.28.5-8.el7.i686.rpmLinux
(RHSA-2020:1080)Moderate: security and bug fix update evolution-debuginfo-3.28.5-8.el7.x86_64.rpmLinux
(RHSA-2020:1080)Moderate: security and bug fix update evolution-ews-debuginfo-3.28.5-5.el7.i686.rpmLinux
(RHSA-2020:1080)Moderate: security and bug fix update evolution-ews-debuginfo-3.28.5-5.el7.x86_64.rpmLinux
evolution Security Update (ALAS-2020-1476) evolution-3.28.5-8.amzn2.i686.rpmLinux
evolution Security Update (ALAS-2020-1476) evolution-3.28.5-8.amzn2.x86_64.rpmLinux
evolution Security Update (ALAS-2020-1476) evolution-pst-3.28.5-8.amzn2.x86_64.rpmLinux
evolution Security Update (ALAS-2020-1476) evolution-help-3.28.5-8.amzn2.noarch.rpmLinux
evolution Security Update (ALAS-2020-1476) evolution-devel-3.28.5-8.amzn2.x86_64.rpmLinux
evolution Security Update (ALAS-2020-1476) evolution-langpacks-3.28.5-8.amzn2.noarch.rpmLinux
evolution Security Update (ALAS-2020-1476) evolution-bogofilter-3.28.5-8.amzn2.x86_64.rpmLinux
evolution Security Update (ALAS-2020-1476) evolution-devel-docs-3.28.5-8.amzn2.noarch.rpmLinux
evolution Security Update (ALAS-2020-1476) evolution-spamassassin-3.28.5-8.amzn2.x86_64.rpmLinux
Improper Verification of Cryptographic Signature Vulnerability (CVE-2018-15587)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234